Scammers Target Remote Workers with Email Phishing Campaigns

By Lindsay Scott and Kathie McDonald-McClure

According to a recent USA Today article, the Federal Trade Commission (FTC) reported that it had received 83,858 fraud reports this year through August 9th relating to COVID-19 and the economic stimulus packages. Many of these fraud reports are connected to email phishing campaigns that target remote, telework or furloughed employees.

In one type of phishing campaign, scammers send emails to workers telling them that their employment is being terminated as a result of COVID-19 and purports to offer termination package options. These termination email scams provide clickable links inviting the employee to attend a teleconference meeting or to obtain additional information concerning the termination packages. Instead, these links download malicious software or require the employee to enter personal information, such as a Social Security number, in an attempt to steal their identity and ultimately commit financial fraud that harms the employee. Employees who receive a suspicious email telling them they are being terminated should notify their human resources department or other designated person in the organization.

Continue reading

Ten Easy Cyber Security Measures To Add To Your 2016 List Of New Year’s Resolutions

NewYearsEveClockWhen thinking about your 2016 New Year’s resolutions, include some data security resolutions on your list! The Kentucky Chamber of Commerce in coordination with Wyatt Tarrant & Combs, LLP, hosted a Cyber Security and Data Privacy seminar on December 17, 2015. This blog post highlights several ideas for resolutions that came from thoughts expressed by speakers during the seminar. In the coming year, think about what you should be doing to protect your personal identity as well as to protect the personal information of your customers, clients, patients and employees.  Here are ten resolutions to get you started:

RESOLUTION #1 – I will NOT use a credit or debit card at a gas pump. This resolution can serve a two-fold purpose: a) You can make progress toward your 10,000 steps by walking to the cashier window, and b) you can protect yourself from identity theft. Dan Jackman, a cyber security task force officer with the FBI, stated during the seminar that thieves are stealing credit card information from gas pumps and explained how they do it. According to Officer Jackman, there are ONLY five different pump keys for the entire Commonwealth of Kentucky.  So, dishonest fraudsters take a job with a gas station just to get access to the pump key so they can open the pump casing and change out credit card readers, not just at that station but dozens of stations using the same key.  By gaining access to the inside of the pump, they can replace the card reader in a way that it cannot be detected when closing and locking the pump casing.  The fraudster makes the switch in the dead of the night.  Credit/debit cards are being ripped off in a matter of seconds within the time they are used at a pump with a fake card reader. Apparently, this type of theft is rampant in Kentucky.

Officer Jackman recommends going to the window to use a credit card or pay cash (thereby making this a two-part resolution because you will get some steps). If you cannot break the habit of paying at the pump, then use a prepaid card to limit your losses. Avoid using a debit card tied to your checking account. Continue reading